bf0b260743fd2ec506255369cf77b94d4edb9dc303da0daf6ff855e4f169b0fd

Sharing

Copy URL Twitter E-mail

General

Target

bf0b260743fd2ec506255369cf77b94d4edb9dc303da0daf6ff855e4f169b0fd
Size

211KB
MD5

50b2897217e3f7d01d8d727c6a57b8d8
SHA1

cf244826dd1889f0df29fe4dc8059c092f7ff8df
SHA256

bf0b260743fd2ec506255369cf77b94d4edb9dc303da0daf6ff855e4f169b0fd
SHA512

4aed03f9d1ccf7ffa1ef6c5334b01bd7ef7ad9599ba52a352b3bf1e1742997ac0493b35bb2753088227d5068b607f30ca0e56e2d267748573c1f0891c358f26d
SSDEEP

3072:5GuRAf8COntvrAcQ0m15HuK9WA/52i1ONRjpak+hE8:oWAf8baH18Rjpn+hE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0b260743fd2ec506255369cf77b94d4edb9dc303da0daf6ff855e4f169b0fd

Files

bf0b260743fd2ec506255369cf77b94d4edb9dc303da0daf6ff855e4f169b0fd
.dll regsvr32 windows:4 windows x64 arch:x64

b6d2ee3418a4b4d5024b34771d282d94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW

kernel32

CloseHandle
CreateEventW
CreateFileMappingA
CreateProcessA
CreateSemaphoreA
CreateThread
DebugBreak
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
EnumResourceNamesW
FindResourceW
FlushViewOfFile
FreeLibrary
GetEnvironmentVariableW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
IsBadStringPtrA
IsBadStringPtrW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
MapViewOfFile
MapViewOfFileEx
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResumeThread
SetEvent
SizeofResource
SleepEx
TerminateThread
UnmapViewOfFile
WaitForSingleObject
WideCharToMultiByte

ntdll

_vsnprintf

ole32

CLSIDFromString
CoCreateGuid

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
_wcsdup
calloc
free
fwrite
getenv
malloc
memcmp
memcpy
memmove
memset
strchr
strcmp
strcpy
strcspn
strlen

user32

GetMessageW
wsprintfA

winmm

timeGetTime

Exports

Exports

DirectPlayCreate
DirectPlayEnumerate
DirectPlayEnumerateA
DirectPlayEnumerateW
DirectPlayLobbyCreateA
DirectPlayLobbyCreateW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gdwDPlaySPRefCount

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 464B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 439B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6d2ee3418a4b4d5024b34771d282d94

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ntdll

ole32

ucrtbase

user32

winmm

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.data Size: 4KB - Virtual size: 304B

.rodata Size: 4KB - Virtual size: 52B

.rdata Size: 72KB - Virtual size: 71KB

.pdata Size: 8KB - Virtual size: 6KB

.xdata Size: 8KB - Virtual size: 4KB

.bss Size: - Virtual size: 464B

.edata Size: 4KB - Virtual size: 439B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 932B

.text
Size: 92KB - Virtual size: 88KB

.data
Size: 4KB - Virtual size: 304B

.rodata
Size: 4KB - Virtual size: 52B

.rdata
Size: 72KB - Virtual size: 71KB

.pdata
Size: 8KB - Virtual size: 6KB

.xdata
Size: 8KB - Virtual size: 4KB

.bss
Size: - Virtual size: 464B

.edata
Size: 4KB - Virtual size: 439B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 932B